Call centres a hotbed for identity theft
A STUDY of Scottish call centres has concluded the industry poses a "serious threat" to data privacy.
Researchers, who interviewed dozens of call centre staff in the Glasgow area, concluded the organisations "can and do provide a mechanism for identity theft".
The team uncovered evidence of workers secretly collecting customers' data, forgetting to ask basic security questions of callers, and being regularly offered bribes by criminals to hand over confidential data.
Mobile phone cameras, e-mails and even crossword puzzles were some of the techniques used by workers to try to smuggle out lucrative data, the investigation by University of Strathclyde established.
The revelations follow claims by the financial industry that the annual cost of fraud in the UK now exceeds 600m.
MSPs last week accused the Scottish Government of falling behind on combating fraud after the authorities in England and Wales published the first national fraud strategy.
Figures published last week also showed that identity theft increased by 39% last year, costing victims 47.4m.
Iain Moir, of Strathclyde's department of management, and Dr George Weir, from the university's department of computer and information sciences, focused their research on three Glasgow call centres in the fields of finance, telecommunications and outsourcing.
Interviews with 45 workers revealed a "rich setting for identity theft". Results showed:
&149 22% worked with people they considered suspicious;
&149 11% had allowed customers to access their account without asking any security details;
&149 67% had access to e-mail at work, which could be used to send out sensitive information to third parties;
&149 73% had dealt with a suspicious call they believed was an attempt to steal information;
• 6% of employees or their colleagues had been offered money for information.
The study found that although companies had policies on the use of mobile phones, pens and paper, and computer access, all of which can lead to security breaches, they were often not enforced.
One worker told the researchers: "There were two people, they found them taking people's details using newspapers. They were writing the account numbers in the crossword puzzles. The police were called in and they were handcuffed and frog-marched out."
Mobile phones are also identified as a security risk. One worker said: "I saw one member of the team taking a photograph of a customer's account details on his mobile phone. The customer's name looked humorous. He wanted to show it to his mates. I pointed out it had basically every piece of information to access someone's account."
Asked about the finding that 11% of workers have forgotten to ask callers security questions, a worker replied: "It's higher than that. Sometimes you forget. Everybody's done it, it's human nature to forget."
Weir added that although the small scale of the study could not give a full picture of all call centres, it showed there was significant cause for concern.
He said: "I expected to find a lot more precautions in place. I was surprised at the suggested prevalence of suspicious activity. I couldn't believe people were allowed to take notes they made at their desks out of the centre. It's such an easy way to steal information."
He said people could have no control over this happening to their information. "Even if you don't do any business over the phone or online you will still have your information provided through call centres between companies."
Moir added: "I was absolutely shocked that people were bribed to sell information they were handling."
A spokeswoman for Consumer Focus Scotland said: "Identity theft has devastating consequences on individuals, so it should be a priority to strengthen standards and make sure they are policed.
Labour shadow MSP for justice Richard Baker called on the authorities to address the problem.
He said: "This must be addressed as a matter of urgency. There are so many restrictions on how you store data and how you pass it on, so this issue needs to be investigated."
A spokeswoman for the Crown Office said: "We are all well aware of the need for better cooperation in the fight to counter fraud and we are working closely with law enforcement to achieve that."
A spokeswoman for the Customer Contact Association said: "We have a standard that companies can become certified to, with a code of practice concerning fraud, but it is not compulsory."
Email to a friend
Print this page- Rangers takeover: Duff & Phelps threaten legal action against BBC
- Family mourn death of Glasgow ‘fight’ schoolboy
- Today’s youth not fit to be employed, says car firm Arnold Clark
- Rangers administration: Fans fear Duff & Phelps claims could scare off Green
- Rangers takeover: triple penalty punishment enough, says Johnston
- Alistair Darling leads ‘No to independence’ fight over tea and biscuits
- Scottish independence: SNP flip-flops over Nato
- Scottish Independence: SNP ‘won’t be Yes campaign’s only voice’
- Today’s youth not fit to be employed, says car firm Arnold Clark
- Scottish independence: ‘People here are best qualified to run Scotland’
Looking for...
Featured advertisers
Jobs
Search for a job
Motors
Search for a car
Property
Search for a house
Weather for Edinburgh
Saturday 26 May 2012
Today
Sunny
Temperature: 9 C to 20 C
Wind Speed: 16 mph
Wind direction: North east
Tomorrow
Sunny
Temperature: 12 C to 22 C
Wind Speed: 10 mph
Wind direction: North east
